| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Inappropriate implementation in Omnibox in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page. |
| Inappropriate implementation in interstitials in Google Chrome prior to 60.0.3112.78 for Mac allowed a remote attacker to spoof the contents of the omnibox via a crafted HTML page. |
| Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. |
| apt-listbugs before 0.1.10 creates temporary files insecurely, which allows attackers to have unspecified impact via unknown vectors. |
| In ImageMagick 7.0.5-5, the ReadSUNImage function in sun.c allows attackers to cause a denial of service (memory leak) via a crafted file. |
| In ImageMagick 7.0.5-5, the ReadBMPImage function in bmp.c allows attackers to cause a denial of service (memory leak) via a crafted file. |
| In ImageMagick 7.0.5-5, the ReadXWDImage function in xwd.c allows attackers to cause a denial of service (memory leak) via a crafted file. |
| In ImageMagick 7.0.5-5, the ReadMATImage function in mat.c allows attackers to cause a denial of service (memory leak) via a crafted file. |
| In ImageMagick 7.0.5-5, the ReadEXRImage function in exr.c allows attackers to cause a denial of service (memory leak) via a crafted file. |
| In ImageMagick 7.0.5-5, the ReadSFWImage function in sfw.c allows attackers to cause a denial of service (memory leak) via a crafted file. |
| In ImageMagick 7.0.5-5, the ReadPCDImage function in pcd.c allows attackers to cause a denial of service (memory leak) via a crafted file. |
| In ImageMagick 7.0.5-5, the ReadPCXImage function in pcx.c allows attackers to cause a denial of service (memory leak) via a crafted file. |
| In ImageMagick 7.0.5-5, the ReadAAIImage function in aai.c allows attackers to cause a denial of service (memory leak) via a crafted file. |
| Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC before 1.0.14 and 1.1.x before 1.1.26 allows remote attackers to inject arbitrary web script or HTML via the nav_data name. |
| Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink. |
| The mark_context_stack function in gc.c in mruby through 1.2.0 allows attackers to cause a denial of service (heap-based use-after-free and application crash) or possibly have unspecified other impact via a crafted .rb file. |
| The (1) Htpasswd authentication source in the authcrypt module and (2) SimpleSAML_Session class in SimpleSAMLphp 1.14.11 and earlier allow remote attackers to conduct timing side-channel attacks by leveraging use of the standard comparison operator to compare secret material against user input. |
| In ImageMagick 7.0.5-5, the ReadJNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file. |
| Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file. |
| The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c. |
